Security Advisory

CVE-2025-2089

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-07 15:00:13

Last updated 2025-03-07 19:33:59

Assigner VulDB

State PUBLISHED

Description

A vulnerability has been found in StarSea99 starsea-mall 1.0/2.X and classified as critical. Affected by this vulnerability is the function updateUserInfo of the file /personal/updateInfo of the component com.siro.mall.controller.mall.UserController. The manipulation of the argument userId leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

← Browse all CVEs View on cve.org ↗